Microsoft, Apple, and Florida’s Water: 3 High Profile Cyber Attacks

The shift to virtual has brought about a series of changes to the world of business. Some positive moves include the option to work from home, the adoption of flexible working, and a lack of commute.

However, it hasn’t all been sunshine and roses.

Since the onset of the global pandemic, cyber criminals have seized upon the opportunity to attack vulnerable organizations as their operations went through a period of dramatic, unexpected change. In particular, people, who are seen as the weakest link in an organization’s cyber security chain, were repeatedly targeted in a number of scams, heists, and hacks.

To give you some context on the sheer scale of the increase since the early 2019 turning point, here are some key stats:

  • There was a 238% increase in cyber attacks on banks in 2020.
  • The FBI reported a 300% increase in reported cyber crimes in 2020.
  • Confirmed data breaches in the healthcare industry increased by 58% in 2020.
  • In April 2020, Google blocked 18 million daily malware and phishing emails related to Coronavirus.
  • Cloud-based cyber attacks rose 630% between January and April 2020.

With this stark rise in attacks, cyber security is fast becoming one of the most important considerations for organizations around the world, across all industries.

In this post, you’ll find information on some of the more high-profile attacks since COVID-19 became a staple in our daily lives.

1 The Microsoft Exchange server attack 

In early 2021, global computer powerhouse Microsoft were the victims of a server data breach.

Hackers exploited four zero-day vulnerabilities in Microsoft Exchange servers’ Outlook Web Access (OWA), gaining access to the victims’ entire servers and networks, as well as emails and calendar invitations.

The hacker, as reported by Microsoft, was Hafnium, a Chinese state-sponsored hacking group. Entities previously targeted by the group include think tanks, non-profits, defense contractors, and researchers.

On March 12th 2021, Microsoft announced that a form of ransomware known as DoejoCrypt/DearCry leveraged weaknesses to spread malware on susceptible Exchange servers, similar to the WannaCry ransomware attack in 2017. There have also been reports of issues with Cobalt Strike, BlackKingdom, and the Lemon Duck cryptocurrency mining botnet.

2 Apple’s no-click spyware attack 

Apple were the target of one of the latest high-profile cyber attacks when devices were targeted using no-click spyware.

The attack, which allowed hackers to access devices via the iMessage service even if users did not click on a link or file, was discovered by independent researchers.

According to a paper from the Citizen Lab at the University of Toronto, the NSO Group, an Israeli spyware business, utilized a “zero-click exploit” to gain access to the phone of an unnamed Saudi activist. The exploit was dubbed “Forcedentry” by Citizen Lab researchers and has been in use since February. They also disclosed that the activist’s smartphone was infected with the NSO Group’s flagship “Pegasus” spyware tool.

Although significant, security experts said most owners of Apple devices need not be alarmed as such attacks are usually highly targeted.

3 Florida’s water hack

In one of the more frightening and unusual cyber attacks of 2021, a hacker tried to increase the level of sodium hydroxide in the water supply of the city of Oldsmar in Florida using the city’s virtual water management system.

While the hacker’s identity is unknown, Bob Gualtieri, the sheriff of Pinellas County, Florida, which includes Oldsmar, said the hacker appeared to infiltrate the water treatment plant’s TeamViewer software to gain remote access to the target computer. The sheriff, on the other hand, had little to say about how the hacker got access to TeamViewer or the plant’s IT network in the first place. He also didn’t say how the intruder got into the so-called operational technology network, which is typically separated from the internet-connected IT network and controls physical equipment in industrial control systems.

The intruder was attempting to increase the amount of sodium hydroxide, also known as lye or caustic soda, in the water supply from 100 parts per million to 11,100 parts per million. At low concentrations, the corrosive chemical regulates the pH level of potable water. At high levels, it can cause severe damage to any human tissue it comes into contact with.

According to city officials, an operator detected the intrusion quickly and restored the sodium hydroxide levels to normal. Even if he hadn’t, they claim, the poisoned water would have taken 24 to 36 hours to reach the city’s residents, and automated pH testing safeguards would have triggered an alarm and caught the change before anyone was harmed.

Conclusion 

What the above shows us is that, from the world’s largest companies to local authorities, every organization is clearly under threat.

And while some might say that cyber criminals capitalized on a particularly vulnerable period, we must remember that the working world is now increasingly virtual, and as long as it remains so, it will remain at risk of increasingly sophisticated cyber attacks. 

While tech giants are constantly working to update their security systems to prevent these types of events from happening, one neglected area of cyber security is people. Cyber security is, for the most part, a people issue, and this must be addressed in our cyber security awareness campaigns.
